Hi [[ session.user.profile.firstName ]]

Information is Leaking Everywhere! Is Encryption the Solution? A Pragmatic View

Reports about leaked sensitive information are endemic lately: the State Department (Wikileaks), the NSA (Edward Snowden), government-sponsored hacking of corporate secrets, companies’ “accidentally” losing sensitive personal information; and the list goes on.
Encryption as a technique to protect data and prevent loss, has been with the IT industry for decades. Can encryption solve or, at least, ameliorate this leakage? And, if so, why isn’t it working?
Recorded Dec 3 2013 44 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jeff Kalwerisky; VP of Cybersecurity Training; CPEinteractive, Inc.
Presentation preview: Information is Leaking Everywhere! Is Encryption the Solution? A Pragmatic View

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Bridging the Trust Gap for Identity Services Based Market Growth Recorded: Mar 30 2015 48 mins
    Joni Brennan, Executive Director, Kantara Initiative
    In the age of digital transformation trust is key to the growth of services in both the public and private sectors. With more and more services evolving and innovating around digital identity there is a universal need to bridge and balance business incentives with government requirements. At Kantara Initiative we see the transformation cycle as a 4 stage process: strategy setting, innovation, deployment, and assurance. Few, if any, organizations can succeed at all of the strategic stages of change and innovation in isolation. We invite you to join us to discuss how trust frameworks will evolve to bridge the digital transformation of identity assurance.
  • Optimize SSL Certificate Management with Symantec and A10 Networks Recorded: Feb 25 2015 57 mins
    Frank Agurto-Machado, Pre-Sales Engineer, Symantec; John Gudmundson, Senior Manager, Product Marketing, A10 Networks
    Managing a secure SSL environment is getting complex. Recent industry standards and security vulnerabilities required IT to migrate from SHA-1 to SHA-2 hash algorithm, find alternatives for certificates with non-fully-qualified domain (FQDN) names and replace certificates impacted by the Heartbleed vulnerability. In addition, initiatives like Google’s “HTTPS everywhere” or always-on SSL on Google search may increase the deployment of SSL certificates in an organization. All these changes add to the challenges of managing SSL certificates.

    In the meantime, IT managers have to continue to provide optimal system performance to meet their users’ needs while staying within their budget.

    Attend this exclusive webinar to:

    - Discover recent changes and challenges with SSL certificate management
    - Learn how you can minimize time and resources in monitoring and managing SSL certificates with Symantec Certificate Intelligence Center (CIC)
    - Find out how you can optimize the performance of SSL encryption and decryption with the A10 Thunder Application Delivery Controller (ADC) from A10 Networks
  • Application of Cryptography for Enterprise Security Recorded: Dec 17 2014 113 mins
    Dr Michael H. Goldner, Dean of EC-Council University, EC-Council University
    Cryptography is the practice and study of techniques for keeping secrets. While the practice of keeping information hidden, or secured, has been around throughout the history of mankind, Modern Cryptography has evolved into much more. Now we use various algorithms (a fancy word for mathematical formulas) to not only keep information secured (Confidentiality), but also to authenticate the message and the originator of that message (Authentication); to stop the sender of the message from denying they sent it (Non-Repudiation); and to make sure that the information has not accidentally or purposely altered or corrupted (Integrity). This basic workshop will explain the basic concepts discussed above, as well as the differences between Symmetric and Asymmetric encryption. We will discuss Steganograhy, Digital certificates, Public Key Infrastructure and Digital Signatures. Although the workshop is to enhance basic understanding of these concepts, anyone studying for one of the major certification examinations in information security, such as the recently launched EC-Council Certified Chief Information Security Officer (C|CISO) will need to have a good grasp of these important concepts.
  • Stay Secure During the Holiday Season Recorded: Nov 19 2014 56 mins
    Jeff Barto, Trust Advocate, Symantec and Craig Spiezle, Online Trust Alliance
    On Cyber Monday, your organization’s employees will return from the Thanksgiving weekend, ready to kick off the online holiday shopping season – from their desks and devices. Last year over 500+ million identities were exposed via breaches. And with malware and phishing also in the news, join us to find out how you can protect not only your business but your employees’ personal information as they shop-from-work during the season.

    Learn more about the proactive steps you can do for protection including:
    · How you are the first line of defense when it comes to protection – password management and user access
    · When and how data should be encrypted
    · How to fight social engineered exploits: malicious web sites, malicious look-alike mobile apps and deceptive emails
  • Internet of Things - One Size Doesn’t Fit All Recorded: Nov 18 2014 59 mins
    Kevin Haley, Director, Product Management, Response and Jeff Barto, Trust Advocate
    Vendors are priming a great future when the Internet of Things (IoT) becomes a reality. The reality is that the Internet of Things is here today. IoT has been with us in various incarnations over the last ten years or so. To protect yourself, your network and your business you need to think of the larger picture of securing the device to the network and back again.
    IoT today is in its infancy, even though it’s been around a long time. There are no standards overall and there are industry nuances that further complicate security.

    View this recorded webcast to learn:
    · What the IoT means today
    · What devices have been hacked and what have not
    · Practical approaches and best practices for dealing with the security issues that IoT creates
  • Discover the Secrets of Successful Online Businesses Recorded: Oct 28 2014 53 mins
    Jeff Barto, Trust Strategist, Symantec
    It is extremely challenging to maintain a successful online business. The landscape is crowded and competition fierce. It is not enough to just have a good product; companies really have to stand out to attract online shoppers. On top of that, news of stolen identities from cybercriminals add yet another barrier as shoppers become very cautious about which online sites to trust their information to.

    View this recorded webcast to learn:
    · How to drive traffic to your site
    · What do you need to turn shoppers into buyers
    · How to increase buyer loyalty
  • Digital Privacy: Always on SSL & Perfect Forward Secrecy Recorded: Sep 23 2014 54 mins
    Jeff Barto, Symantec; Craig Spiezle, Online Trust Alliance; Stephen Ludin, Akamai Technologies
    Last year brought a lot of news about government snooping and public attacks against certain encryption and hash algorithms. These developments should concern anyone that values data privacy.

    View this recorded session with the Online Trust Alliance and Akamai Technologies to discover the current best practices in securing your website and internal infrastructure. Learn how to implement Always on SSL (AOSSL) and Perfect Forward Secrecy (PFS) to better secure your data.

    Join us to learn:
    · How to implement AOSSL and PFS in your environment
    · What precautions you need to take to protect your website and intranet infrastructure
  • The Internet of Things is Coming: What Can Possibly Go Wrong? Recorded: Sep 23 2014 53 mins
    Jeff Kalwerisky, VP of Information Security & Technical Training at CPE Interactive, Inc
    The buzz phrase du jour, the ‘Internet of Things’, – AKA the “Internet of Everything” – refers to a myriad of everyday devices which are being connected to the Internet, each with its own IP address. The IoT will comprise large numbers of such low-cost “smart” devices, up to 26 billion by 2020, according Gartner. They range from “smart” watches (Hi Apple!) to microwaves, and heart monitors to “smart” power grids.

    Predictably, the hype about the future benefits is in full force. And, yes, some of these benefits may actually happen. However, based on past disruptive trends, we can be certain that: (1) hackers, crackers, and attackers will not be slow to spot new opportunities for badware; (2) the IoT will generate gigantic amounts of data at very high velocity, with associated privacy concerns, and (3) boring stuff like updates and patches are going to be tough to do.

    The question, “What Can Possibly Go Wrong?”, must temper out enthusiasm for this immersive new environment so that we can avoid some of the security disasters of the past, particularly in sensitive industries, like healthcare and nationwide utility grids. This session will review the IoT from the viewpoint of cybersecurity and data privacy and develop some guidelines for the pragmatic and cautious user.
  • Symantec Private Certificate Authority Webinar Recorded: Sep 18 2014 24 mins
    Dave Corbett – Technical Product Manager
    Today’s enterprises are challenged to maintain and secure large intranet networks and to keep them compliant with changing regulations. Securing communications within these environments presents any number of security, financial, and personnel concerns. Solutions range from single-domain intranet SSL certificates, Wildcard certificates to Self-Signed Certificate Authorities (CA). Symantec™ Private Certification Authority (CA) provides a hosted private SSL certificate hierarchy and end-entity certificates specifically built to secure your internal communications. Consolidate your public and private SSL certificates onto one management console, Symantec™ Managed PKI (MPKI) for SSL.
  • Symantec Secure App Service Webinar Recorded: Sep 2 2014 34 mins
    Dave Corbett – Technical Product Manager
    Join us to learn about Symantec Secure App Service - a better way to sign code and secure applications.

    Traditional code signing provides a way for software publishers to assure their customers that the apps and files they have downloaded are, indeed, from them and have not been tampered with. Unfortunately, inadequate controls around this process can lead to malware propagation.

    Compromised certificates make news headlines and can lead to poor reputation for your company, and revoking these certificates could result in your distributed applications to suddenly appear as untrusted.

    Symantec Secure App Service is a cloud-based code signing and management solution with a complete range of services to help enterprises control and secure their code signing activities and keys easily. Services include vetting and approval of software publishers, code signing, key protection and revocation, administrative controls, reporting and audit logs.
  • The Heartbleed Bug: How to Protect Your Business Recorded: Aug 26 2014 57 mins
    Jeff Barto, Trust Advocate, Symantec
    With the recently discovered Heartbleed vulnerability, information security professionals and end users are feeling the pressure and impact to better protect their information. The task of securing your organization and information can seem overwhelming.

    View this webcast to get step-by-step instructions on how to protect your business and information, and keep your communications secure.

    Learn about:
    · What is Heartbleed and the impact it has
    · Understand how the vulnerability is exploited and how you can detect it
    · Steps you need to take to secure information now and going forward
  • Authentication After Passwords Recorded: Aug 21 2014 47 mins
    Jeff Kalwerisky, VP of Information Security & Technical Training at CPE Interactive, Inc
    The venerable password or PIN has been with us a long time to authenticate online users. But its last day is rapidly approaching. Users can no longer cope with the plethora of passwords to be remembered for a myriad of Websites, Enterprise logins, VPNs, and more. Even worse, every day seems to bring yet another incident of wholesale theft of IDs and passwords from sites with less than stellar security.

    The FIDO Alliance was formed specifically to develop specifications for reducing reliance on passwords. Even more encouraging, several startups are addressing the problem of replacing passwords in innovative ways. Heather Adkins, Google's manager of information security, put it succinctly recently when she commented that “the game is over” for startups that rely on passwords as the chief method to secure users and their data. She noted that "passwords are done at Google."

    This Webinar will examine the state of the art in authentication and how we will soon have much stronger identities in the digital world. It will discuss the problems with passwords and review solutions we will likely see in the near future to replace passwords and make us more secure and less hassled by having to remember so many different electronic identities.
  • Managed PKI for SSL Overview Recorded: Aug 3 2014 6 mins
    Short overview
    Learn how to reduce the cost of managing your SSL certificates.
  • Application of Cryptography for Enterprise Security Recorded: Jul 31 2014 113 mins
    Dr Michael H. Goldner, Dean of EC-Council University, EC-Council University
    Cryptography is the practice and study of techniques for keeping secrets. While the practice of keeping information hidden, or secured, has been around throughout the history of mankind, Modern Cryptography has evolved into much more. Now we use various algorithms (a fancy word for mathematical formulas) to not only keep information secured (Confidentiality), but also to authenticate the message and the originator of that message (Authentication); to stop the sender of the message from denying they sent it (Non-Repudiation); and to make sure that the information has not accidentally or purposely altered or corrupted (Integrity). This basic workshop will explain the basic concepts discussed above, as well as the differences between Symmetric and Asymmetric encryption. We will discuss Steganograhy, Digital certificates, Public Key Infrastructure and Digital Signatures. Although the workshop is to enhance basic understanding of these concepts, anyone studying for one of the major certification examinations in information security, such as the recently launched EC-Council Certified Chief Information Security Officer (C|CISO) will need to have a good grasp of these important concepts.
  • Identity Relationship Management: Connection and Context in the Age of IoT Recorded: Jul 30 2014 49 mins
    Joni Brennan - Kantara Initiative; Oleg Logvinov - STMicroelectronics; Eve Maler - ForgeRock
    Today, having an Identity Management strategy is not only an IT need but rather a business priority. Identity and Identity Access Management is evolving and connecting to your customers, citizens, and partners means the difference between business as usual and business building innovation. Identity Relationship Management provides a common language for the evolution of identity as a driver of revenue. Building upon data context and the emerging internet of things, with respect for user control of data sharing, identity is now a powerful connection tool that fosters and supports relationships.
  • Protect and Manage the (Crypto) Keys to Your Castle Recorded: Jun 25 2014 49 mins
    Jeff Kalwerisky, VP of Information Security & Technical Training at CPE Interactive, Inc
    Jeff Kalwerisky will give us an overview of the most dangerous mistakes organizations are making when it comes to key management and how you can implement a series of best practices to mitigate these mistakes today.
  • Secure File Sharing in the Cloud Recorded: May 14 2014 37 mins
    Brian Holyfield, Team Lead, SendSafely.com
    Virtually every business has contemplated moving data to the cloud. For many companies, the risk of storing certain classes of un-encrypted data in the cloud is not acceptable. Encrypting data, however, can hinder your ability to share that information with others.

    What you put in the cloud and how you protect it will largely determine what you, and to some degree, what an adversary can do with it. This webinar will discuss different approaches to sharing encrypted data in the cloud, and highlight the benefits and drawbacks of each model.
  • Encrypting Our Data To Stay Off The Front Pages Recorded: Apr 29 2014 54 mins
    Jeff Kalwerisky, VP of Information Security & Technical Training at CPE Interactive, Inc
    In this presentation, Jeff Kalwerisky will give us a run-down of the latest high profile OpenSSL vulnerabilities that led to some of the most devastating data breaches on record. He will discuss how these vulnerabilities remained un-detected, how key management plays a key role in your vulnerability in the wake of an OpenSSL flaw and a look forward into how encryption and SSL will work in the wake of Heartbleed.
  • 2014 – the Year of Data Encryption and Data Protection Recorded: Mar 11 2014 40 mins
    Jay SCARAMAZZO, CIPM, CIPP/E, CIPP/US, CIA, CISA, CRISC, CRMA, ACDA, CSPO, CIFE, MBA
    Data Encryption has been spoken about for years, but finally ENCRYPTION importance has come front-page. From the recent Snowden NSA Affair to major data breaches at Target, companies now have no choice but to consider securing their data at the source.

    This presentation will introduce you to your responsibilities in providing your customers with the Due Diligence (Risk Control and Executive Management Oversight) and Due Care (Continuous Monitoring through Security Practices, Procedures, Policies, Processes and Standards) that their personal data deserves.
  • Look after your keys and they will look after you - The five steps to sound key Recorded: Feb 18 2014 49 mins
    Richard Moulds, Thales e-Security VP of Strategy and Product Marketing
    Addressing virtually any of the current security mega-trends – government surveillance, privacy regulation, BYOD, cloud computing and big data - drives the need for more cryptography across core systems infrastructure and critical business applications. Whether encrypting sensitive data, strengthening IDs and credentials or digitally signing documents and software the actual security benefits you gain depend heavily on how you manage your cryptographic keys. Key management is not a simple task and it carries with it serious business continuity issues, real operational costs and is frequently a point of scrutiny for auditors. The days of using spreadsheets and thumb drives for managing cryptographic keys are numbered.
    During this session we will look at the types of keys that organizations have to manage, and how the key management challenge varies across multiple use cases in the enterprise. We’ll cover developments in the area of key management technologies, new standards that are emerging and preview the results of a global survey on the use of encryption and key management practices.
Symantec
Symantec Website Security Solutions allow companies and consumers to engage in communications and commerce online with trust and confidence. With more than one and a half million web servers using our SSL certificates, an infrastructure that processes more than four and a half billion certificate checks daily, and a trust mark that is seen more than half a billion times a day in 170 countries, the Norton Secured seal is the most recognized symbol of trust on the Internet.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Information is Leaking Everywhere! Is Encryption the Solution? A Pragmatic View
  • Live at: Dec 3 2013 4:00 pm
  • Presented by: Jeff Kalwerisky; VP of Cybersecurity Training; CPEinteractive, Inc.
  • From:
Your email has been sent.
or close